The Old New Thing

It rather involved being on the other side of this airtight hatchway: Silently enabling features

November 21, 2012 Nov 21, 2012 11/21/12

Raymond Chen

A security vulnerability report arrived which went roughly like this: When you programmatically enable the XYZ feature, the user receives no visual alert that it is enabled. As a result, malware can enable this feature and use it as part of an attempt to turn the machine into a botnet zombie. The XYZ feature should notify the user when it is ...